Description
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device.
This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system of an affected device. The security impact rating (SIR) of this advisory has been raised to High because an attacker could gain access to the underlying operating system of the affected device and perform potentially undetected actions.
Note: The attacker must have privileges to enter configuration mode on the affected device. This is usually referred to as privilege level 15.
Reserved 2024-10-10 | Published 2025-05-07 | Updated 2025-05-08 | Assigner: cisco
MEDIUM: 4.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Product status
3.7.0S
affected
3.7.1S
affected
3.7.2S
affected
3.7.3S
affected
3.7.4S
affected
3.7.5S
affected
3.7.6S
affected
3.7.7S
affected
3.7.4aS
affected
3.7.2tS
affected
3.7.0bS
affected
3.7.1aS
affected
3.8.0S
affected
3.8.1S
affected
3.8.2S
affected
3.9.1S
affected
3.9.0S
affected
3.9.2S
affected
3.9.1aS
affected
3.9.0aS
affected
3.2.0SE
affected
3.2.1SE
affected
3.2.2SE
affected
3.2.3SE
affected
3.3.0SE
affected
3.3.1SE
affected
3.3.2SE
affected
3.3.3SE
affected
3.3.4SE
affected
3.3.5SE
affected
3.4.0SG
affected
3.4.2SG
affected
3.4.1SG
affected
3.4.3SG
affected
3.4.4SG
affected
3.4.5SG
affected
3.4.6SG
affected
3.4.7SG
affected
3.4.8SG
affected
3.5.0E
affected
3.5.1E
affected
3.5.2E
affected
3.5.3E
affected
3.11.1S
affected
3.11.2S
affected
3.11.0S
affected
3.11.3S
affected
3.11.4S
affected
3.12.0S
affected
3.12.1S
affected
3.12.2S
affected
3.12.3S
affected
3.12.0aS
affected
3.12.4S
affected
3.13.0S
affected
3.13.1S
affected
3.13.2S
affected
3.13.3S
affected
3.13.4S
affected
3.13.5S
affected
3.13.2aS
affected
3.13.0aS
affected
3.13.5aS
affected
3.13.6S
affected
3.13.7S
affected
3.13.6aS
affected
3.13.7aS
affected
3.13.8S
affected
3.13.9S
affected
3.13.10S
affected
3.6.0E
affected
3.6.1E
affected
3.6.2aE
affected
3.6.2E
affected
3.6.3E
affected
3.6.4E
affected
3.6.5E
affected
3.6.6E
affected
3.6.5aE
affected
3.6.5bE
affected
3.6.7E
affected
3.6.8E
affected
3.6.7bE
affected
3.6.9E
affected
3.6.10E
affected
3.14.0S
affected
3.14.1S
affected
3.14.2S
affected
3.14.3S
affected
3.14.4S
affected
3.15.0S
affected
3.15.1S
affected
3.15.2S
affected
3.15.1cS
affected
3.15.3S
affected
3.15.4S
affected
3.7.0E
affected
3.7.1E
affected
3.7.2E
affected
3.7.3E
affected
3.7.4E
affected
3.7.5E
affected
3.16.0S
affected
3.16.1S
affected
3.16.1aS
affected
3.16.2S
affected
3.16.2aS
affected
3.16.0cS
affected
3.16.3S
affected
3.16.2bS
affected
3.16.3aS
affected
3.16.4S
affected
3.16.4aS
affected
3.16.4bS
affected
3.16.5S
affected
3.16.4dS
affected
3.16.6S
affected
3.16.7S
affected
3.16.6bS
affected
3.16.7aS
affected
3.16.7bS
affected
3.16.8S
affected
3.16.9S
affected
3.16.10S
affected
3.17.0S
affected
3.17.1S
affected
3.17.2S
affected
3.17.1aS
affected
3.17.3S
affected
3.17.4S
affected
16.1.1
affected
16.1.2
affected
16.1.3
affected
16.2.1
affected
16.2.2
affected
3.8.0E
affected
3.8.1E
affected
3.8.2E
affected
3.8.3E
affected
3.8.4E
affected
3.8.5E
affected
3.8.5aE
affected
3.8.6E
affected
3.8.7E
affected
3.8.8E
affected
3.8.9E
affected
3.8.10E
affected
16.3.1
affected
16.3.2
affected
16.3.3
affected
16.3.1a
affected
16.3.4
affected
16.3.5
affected
16.3.5b
affected
16.3.6
affected
16.3.7
affected
16.3.8
affected
16.3.9
affected
16.3.10
affected
16.3.11
affected
16.4.1
affected
16.4.2
affected
16.4.3
affected
16.5.1
affected
16.5.1a
affected
16.5.1b
affected
16.5.2
affected
16.5.3
affected
3.18.0aS
affected
3.18.0S
affected
3.18.1S
affected
3.18.2S
affected
3.18.3S
affected
3.18.4S
affected
3.18.0SP
affected
3.18.1SP
affected
3.18.1aSP
affected
3.18.1bSP
affected
3.18.1cSP
affected
3.18.2SP
affected
3.18.2aSP
affected
3.18.3SP
affected
3.18.4SP
affected
3.18.3aSP
affected
3.18.3bSP
affected
3.18.5SP
affected
3.18.6SP
affected
3.18.7SP
affected
3.18.8aSP
affected
3.18.9SP
affected
3.9.0E
affected
3.9.1E
affected
3.9.2E
affected
16.6.1
affected
16.6.2
affected
16.6.3
affected
16.6.4
affected
16.6.5
affected
16.6.4a
affected
16.6.5a
affected
16.6.6
affected
16.6.7
affected
16.6.8
affected
16.6.9
affected
16.6.10
affected
16.7.1
affected
16.7.1a
affected
16.7.1b
affected
16.7.2
affected
16.7.3
affected
16.7.4
affected
16.8.1
affected
16.8.1a
affected
16.8.1b
affected
16.8.1s
affected
16.8.1c
affected
16.8.1d
affected
16.8.2
affected
16.8.1e
affected
16.8.3
affected
16.9.1
affected
16.9.2
affected
16.9.1a
affected
16.9.1b
affected
16.9.1s
affected
16.9.3
affected
16.9.4
affected
16.9.3a
affected
16.9.5
affected
16.9.5f
affected
16.9.6
affected
16.9.7
affected
16.9.8
affected
16.10.1
affected
16.10.1a
affected
16.10.1b
affected
16.10.1s
affected
16.10.1c
affected
16.10.1e
affected
16.10.1d
affected
16.10.2
affected
16.10.1f
affected
16.10.1g
affected
16.10.3
affected
3.10.0E
affected
3.10.1E
affected
3.10.0cE
affected
3.10.2E
affected
3.10.3E
affected
16.11.1
affected
16.11.1a
affected
16.11.1b
affected
16.11.2
affected
16.11.1s
affected
16.12.1
affected
16.12.1s
affected
16.12.1a
affected
16.12.1c
affected
16.12.1w
affected
16.12.2
affected
16.12.1y
affected
16.12.2a
affected
16.12.3
affected
16.12.8
affected
16.12.2s
affected
16.12.1x
affected
16.12.1t
affected
16.12.4
affected
16.12.3s
affected
16.12.3a
affected
16.12.4a
affected
16.12.5
affected
16.12.6
affected
16.12.1z1
affected
16.12.5a
affected
16.12.5b
affected
16.12.1z2
affected
16.12.6a
affected
16.12.7
affected
16.12.9
affected
16.12.10
affected
16.12.10a
affected
16.12.11
affected
16.12.12
affected
3.11.0E
affected
3.11.1E
affected
3.11.2E
affected
3.11.3E
affected
3.11.1aE
affected
3.11.4E
affected
3.11.3aE
affected
3.11.5E
affected
3.11.6E
affected
3.11.7E
affected
3.11.8E
affected
3.11.9E
affected
3.11.10E
affected
3.11.11E
affected
17.1.1
affected
17.1.1a
affected
17.1.1s
affected
17.1.1t
affected
17.1.3
affected
17.2.1
affected
17.2.1r
affected
17.2.1a
affected
17.2.1v
affected
17.2.2
affected
17.2.3
affected
17.3.1
affected
17.3.2
affected
17.3.3
affected
17.3.1a
affected
17.3.1w
affected
17.3.2a
affected
17.3.1x
affected
17.3.1z
affected
17.3.4
affected
17.3.5
affected
17.3.4a
affected
17.3.6
affected
17.3.4b
affected
17.3.4c
affected
17.3.5a
affected
17.3.5b
affected
17.3.7
affected
17.3.8
affected
17.3.8a
affected
17.4.1
affected
17.4.2
affected
17.4.1a
affected
17.4.1b
affected
17.4.2a
affected
17.5.1
affected
17.5.1a
affected
17.6.1
affected
17.6.2
affected
17.6.1w
affected
17.6.1a
affected
17.6.1x
affected
17.6.3
affected
17.6.1y
affected
17.6.1z
affected
17.6.3a
affected
17.6.4
affected
17.6.1z1
affected
17.6.5
affected
17.6.6
affected
17.6.6a
affected
17.6.5a
affected
17.6.7
affected
17.6.8
affected
17.6.8a
affected
17.7.1
affected
17.7.1a
affected
17.7.1b
affected
17.7.2
affected
17.10.1
affected
17.10.1a
affected
17.10.1b
affected
17.8.1
affected
17.8.1a
affected
17.9.1
affected
17.9.1w
affected
17.9.2
affected
17.9.1a
affected
17.9.1x
affected
17.9.1y
affected
17.9.3
affected
17.9.2a
affected
17.9.1x1
affected
17.9.3a
affected
17.9.4
affected
17.9.1y1
affected
17.9.5
affected
17.9.4a
affected
17.9.5a
affected
17.9.5b
affected
17.9.6
affected
17.9.6a
affected
17.9.5e
affected
17.9.5f
affected
17.11.1
affected
17.11.1a
affected
17.12.1
affected
17.12.1w
affected
17.12.1a
affected
17.12.1x
affected
17.12.2
affected
17.12.3
affected
17.12.2a
affected
17.12.1y
affected
17.12.1z
affected
17.12.4
affected
17.12.3a
affected
17.12.1z1
affected
17.12.4b
affected
17.13.1
affected
17.13.1a
affected
17.14.1
affected
17.14.1a
affected
17.11.99SW
affected
17.15.1
affected
17.15.1w
affected
17.15.1a
affected
17.15.1b
affected
References
sec.cloudapps.cisco.com/...y/cisco-sa-iosxe-privesc-su7scvdp (cisco-sa-iosxe-privesc-su7scvdp)
cve.org (CVE-2025-20199)
nvd.nist.gov (CVE-2025-20199)